thank you, Technology

Thanks for hiding my password, so when no other person is within 100ft of me and I type my password that meets the requirements of:


Password must be at least 8 characters, and no greater than 120 characters.
Password must contain at least three of the following four character groups:
English uppercase characters (A through Z);
English lowercase characters (a through z);
Numerals (0 through 9);
Non-alphabetic characters (such as !, $, #, %).
Password can not match one of your previous 24 passwords.
Password can not contain your account or full name.
Password can not contain any part of your prior password (if one previously existed).
Password can not contain any piece of personal information, such as your phone number or address.
Password can not be an individual word found in the dictionary (multi-word phrases are OK).
I can't see what I'm typing, this has me the anguish of covering my password if I'm stupid enough to allow someone to stand behind me and watch me type it in.
*Whew!*

 

Take the non-technological approach.


Write it down first, and type accurately.

 

write it down?
typing it accurately, yes, I dont usually do that, I just roll my head over the keyboard.
When I type my password into my ipod touch to download a new app, and I usually have 2 or 4 people watching me, thankfully they can't see my password!
*whew*

 

Yes, before the advent of keyboards, we used to use these things called "Pens" or "Pencils" and you hold them with the pointed end down and drag it across a very very ultra thin slice of wood we call "Paper", the "pen" or "pencil" then marks the "paper". If you do this is such a way that the marks denote actual letters and numbers it turns out to be what we call "Writing"

:-D

 

Yeah, but everything always says to never write down your password, in case someone finds it and gets into your stuff! LOL

 

Yeah, a bit like when I give a co-worker my bank card to get me lunch and they say I shouldn't give out my number and then I stand there and call it out loudly... you see, my number is no good to anyone without my card and if I lose my card I will cancel it... fairly simple really and you can write your password in shorthand so only you understand it, something I have in notepads for certain logins that are a little more complicated.

Example: Password is "OldNedwantsaburger" = write down... "Neds lunch Needs"

I still like the password = yourpasswordisincorrect :-D

 

I always write mine down. Good luck to anyone finding one of my notes on a random scrap of paper with no indication as to what it might be, applying it to one of my accounts as a password. LOL

 

I'd take the initial letters of a phrase that you can remember rather than actual words. Don't use "wyhetiwrhimbtt" from my sig ... oops!

http://xkcd.com/936/

and

http://xkcd.com/792/

 

And some time after these dark ages, the pen was invented, which spread 'ink' on the wood 'paper'. For many Nirvana was reached when some genius added an adhesive to a stack of this 'paper', so you can write your passwords on 'paper' and stick them on your 'monitor' (the magic window.)

:-D

Seriously, I have a strong password for my banking account, but for my email and such? It gets a bit ridiculous with all the password stuff.

 

I went through your trash, found a piece of paper with your password on it, used it clean out your lifes saving AND 401K,, yet I still needed to withdraw $20 of my own money to have enough money to go to the movies....I must stop buying all that candy!

I cant find the clip in the movie, clear and present danger, where the nerd hacks the guys password:
but its so funny

Let's start with birthdays.
Bet your ATM code is your birthday.

- Close.
- In reverse?

All right, his birthday is...

That would be too easy, wouldn't it?
Try it in reverse.
:
No. His wife's?

No. His son's?

- This could take...
- Months.

Son's in reverse.
This is for you.

No. Wife's in reverse.

No. Daughter's in reverse.

You've got to change your ATM code.
:
I got it!
:
Wife's birth month,
daughter's day, son's year.

 

It wasn't the candy...I really am that broke! LOL

 

My ATM password is totally random numbers. :-D

 

I have a different super strict pw's for each of my banking/credit cards accts. I have about 4 differeent moderate pw's I rotate for other sites I want moderate security on. Finally I have 2 different "easy" pw's I rotate for sites I could really care less about if they get hacked. :-D

 

I have a notepad file with all my usernames and passwords in it listed by site in alphabetical order.

It's not as bad as it sounds, it's in an encrypted container on a pen drive on my keys, and on an encrypted hard drive on my laptop.

 

I buried my passwords in a mason jar in the backyard with all my money for safe keeping .:-D

 

Safer than some other countrie's banks... :-D

 

I use the same password for everything
what I dont understand is my school email, they force me to reset my password every few months which needs to fit into the requirements i listed on 04-08-13 19:48.
one of those requirements is Password can not match one of your previous 24 passwords.
I am not a computer dude, so why does this matter? why does my password ever expire? I dont know anything else that uses a password and the password expires.
I have 2 solutions to this problem
1 I call tech support whenever I need to get into my account, which is once a semester, etc.
2 I have the same answer to all my "in case you forget your password, tell us your
city you were born in
favorite pet
name of the person you 1st pleased you orally
first sexual partner
favorite color
--I have the same answer for all those questions(its David)

 

The main reason that some security policies have passwords changed regularly is to limit the possibility that a compromised password can be used for more than a set period of time.

This does however make it harder for people to choose and remember stronger passwords as they either can't remember multiple long passwords or decide that as the password is changing regularly they will just change the one they have slightly each time, like adam1 then adam2 then adam3 etc.

As a result, some circles of though say have one password with minimum options (length, capitals, symbols etc) that isn't changed, and another one is changing passwords regularly.

 

yeah, that's a great theory, but not valid.
Im at a school.. if someone got someone elses password, there isnt anything the they can't do it in 5 minutes, much less have the password for months?

See, all the important stuff, adding/dropping classes, has to be done on paper...so there isnt a dang thing you can do

Im also not talking about the important password, which would be the one to the school email.
I can see the school email being "hacked" and that being problematic if a lot of emails were sent out that you didnt write
but the email password NEVER EXPIRES only ..The password you use to get on the school computers in the labs, which is different and the labs are all monitered by lab techs and video cameras.
Im still confused about this because of a lack of consistency

 

Lack of consistency is due to how different companies handle security. There is no standardized method, so to speak.

 

That's what I gout taught by a security expert when I took my BTEC ND (A-level)

But in a business environment more stuff gets done on computer.

 

oh, I think my comments came off wrong
I am sure you are correct about the information you posted about why a password would expire, I just see those reasons as being invalid for my school, so why they have passwords expire is beyond me.
State school which still allows smoking on campus, so I can end up in a computer lab, sitting next to a person who reeks of smoke because they were smoking on campus, smoke I have to walk through to get inside the building.
lots of things dont make sense here, the passwords are one of many

 

No problem on my end.

I get where you are coming from now. My university just asks for a 6 character password with no other requirements and no changes. The 6 character thing is only because it is linked to the national university wireless network scheme here.

It's probably just an old security policy that has never been updated since the introduction of computer authentication.

 

Most of the 'secure terminals' for the Govt. Agencies and Corps. I've dealt with have Passwords changed every ten minutes and you need a personalized dongle and thumb-print to get in. If you try without/with wrong dongle, the terminal is locked-down and an alert sent to Admin.
25 years experience have taught me that they certainly do operate in this manner in many cases. Those that don't, either get compromised eventually, or just screw up. with people not knowing what they are doing, and delving into forbidden areas.

 

odd, I'll have to ask my local federal lawyer if he has a password he has to type in or not
I know he carries around a card that he has to put into his computer in order for it to log him on, he also might need a password though

 

The basic three authentication methods are "something you know" - a password, pin, multi-part challenge sequence, etc, "something you have" - a card or security token number generator etc, and "something you are" - your fingerprint, iris scan, etc.

Most of the time it is considered insecure just to "have something" to log in as the "something" can be stolen/lost quite easily.

Obviously "something you know" is used most of the time, with "something you have" second-most used as giving someone an identity card is commonplace in work environments, and it is easy to put a magstrip or RFID tag in them. But these still need passwords as well as the cards are used to increase authentication security.

 

My sister works for the defense department, and that is exactly how it is. Her ID badge must be inserted in her computer to even turn it on, then she has to enter her password to get to the government login, which then has to go through their security protocol before entering another password which will give her access to the general office files. In order to work on any of her personal files, it requires yet another password. None of the passwords may be identical, and all of them must be changed at least once a month. In lieu of one of the passwords (I think the one for her personal files), she could have opted for a fingerprint scan.

 

and they probably running windows 98 :-D

 

Her laptop runs Windows 7. :-D

 

then he his the same way, he works for the DOD/dcma.
I know one time he got to work, and forgot his ID badge and had to go all the way back home cause not only can he not do any-work without it, he can't even get into the building as security won't let him pass, even though they know him...I'll ask him about the fingerprint thing.

 

I see things like this and wonder whether we're not taking security seriously enough, or too seriously.

Then I remember the security system from Family Guy. And I laugh so hard I don't care.

---

Honestly, I'm not concerned about getting hacked. I don't keep more money in the account than is going to go out straight away. Plus the $10 minimum to keep the account open. You want the password to pay my bills for me? Go right ahead. None of the rest of my passwords have anything useful linked to them, since they're all linked to that one account with nothing in it. It'd be like breaking into Fort Knox, then stealing the wall paper.

 

She just went from DCMA to DCAA (or vice versa, now I don't remember) a couple of weeks ago. :-D

 

this might be off topic, but a different board I post on, sent me a message saying"
Dear watchntv,

Your account on "name of other board"has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 96.47.226.20

Don't forget that the password is case sensitive. Forgotten your password? Use the link below: .......
I did a google of that IP address, since it's NOT MY IP and it came up as a spammer IP?
96.47.226.20

The Project Honey Pot system has detected behavior from the IP address consistent with that of a comment spammer. Below we've reported some other data associated with this IP. This interrelated data helps map spammers' networks and aids in law enforcement efforts. If you know something about this IP, please leave a comment.


http://www.projecthoneypot.org/ip_96.47.226.20


i post this because I thought it was odd, I am still waiting for my FREE WINDOWS 7 OS from BILL GATES FOR FORWARDING THAT EMAIL a few years ago:-D

 

I have health insurance, but for reasons outside the scope of this thread, my MD's office has decided to go through a bill colllector to get his monies from me?
so I got a call the other evening from someone asking me about my bill payment, etc.
After they said who they were and I said who I was, they asked me to confirm I am who I said I am by telling them information that they "have on their screen".

No thanks, but I can talk to you about my account, what do you want to know?
"Sir, I cannot continue this conversation until I confirm this information."
-you realize how stupid I'd have to be to tell you information about myself? so you can tell me stuff and I"ll tell you what's going on with the account, or you can hang up"
"Sir, I cannot continue this conversation until I confirm this information."
-I hung up
no one has called since then.